Security Through Boredom

Menu

Post navigation

The Last Day Of Firefox

Well, as I’d promised I used Firefox and only Firefox for a week. This is the last day of use and I do have to say I’ll be going back to Chrome.

I liked Firefox but there’s nothing that really stands out. The best thing is that I can’t close pinned tabs. That’s really the best part of it right now.

But the startup is slow because of the pinned tabs and Firefox as a whole is definitely slower than Chrome in terms of UI responsiveness and page loads. WordPress is a really good example of this, it’s nearly instant on Chrome but Firefox hiccups.

I like NoScript too but there’s no way I would run with Scripts Globally Blocked — huge pain in the ass. Without that there are still protections but not nearly as many. While the Globally Blocked would provide significant security the Globally Allowed does much less – the part that stands out is ClearClick, which is meant to protect against clickjacking.

While I’ll miss NoScript I don’t think that Globally Allowed protects me enough to make it worth it.

NoScript v Sandbox

Where Firefox has NoScript Chrome has a Sandbox. The two aim to do very different features.

NoScript protects against attacks like XSS, clickjacking, and it’ll block websites from loading up Javascript, Plugins, WebGL, which can be used to exploit the machine.

Chrome’s sandbox is meant to protect against attacks that would use RCE to compromise a system. By locking the browser into a strict environment malicious code is not able to interact dangerously with the system.

The difference is that NoScript really protects the browser session itself and Chrome protects the system. So for something like getting online to bank it might be better to go with Firefox with NoScript and HTTPS-Everywhere but if you’re worried about visiting an exploit page that’ll try a drive-by you’ll likely want Chrome.

Thankfully on Linux you can use AppArmor or SELinux or another LSM to restrict Firefox but the Chrome sandbox goes beyond LSM.

So for my personal use I find Chrome to be the more secure option. For specific tasks like online banking I might consider Firefox.

All in all it’s a matter of multiple factors. Performance, security, and stability. I actually had no crashes or glitches with Firefox or Flash in Firefox, which surprised me. I rarely have issues with Chrome either but I do on occasion. In terms of performance though there’s no question and for me personally Chrome is providing the security I want.

So it’s back to Chrome for me.

I’ll see if I can get my friend from Moz to write something, I’m sure he’s dying to get Chrome off of his system.